Black Friday, Cyber Monday and the Seasonal E-Commerce Onslaught

Hyperactive online activity and potentially compromised purchasing, promotion and sales behaviours are like a red rag to a bull for enterprising cybercriminals.

From denial of service (DoS) attacks shutting down retailers in their revenue-generating prime to ransomware campaigns extorting your hard-earned spending money, there’s a world of banana skins out there.

Formjacking is one of this years’ most notable threats and is, according to the F5 Labs 2019 Application Protection Report, now one of the most common web attack tactics in play. It was responsible for 71 per cent of F5 Labs-analysed, web-related data breaches in 2018.

As more web applications connect to critical components such as shopping carts, card payments, advertising and analytics, vendors become an outsized target. Code can be delivered from a wide range of sources – almost all of which are beyond the boundaries of usual enterprise security controls. Since many websites make use of the same third-party resources, attackers know that they just need to compromise a single component to skim data from a huge pool of potential victims.

Subscribe and get threat intelligence updates from security leaders with decades of experience

Develop a richer understanding of your security environment with only one email per week.

Always have the latest security research and analysis at your fingertips.

Strategic insights from CISO-level experts give you deeper analysis than your peers who only rely on threat reports.

Great! You should receive your first email shortly.

Unsubscribe at any time. We will never use your email to sell to you or try to get you to use our product. You'll only receive security reports and analysis.

About the author

David Warburton

David Warburton is Senior Threat Research Evangelist with F5 Labs with over 20 years’ experience in IT and security. A regular speaker at industry events and contributor to online and broadcast media, he was responsible for the design of a public cloud platform and for helping large government organisations adapt and improve their security posture. He also recently completed an MSc in Information Security with Royal Holloway University where his thesis was on the use of cryptography in IoT.

Hundreds of apps will be attacked by the time you read this.

So, we get to work. We obsess over effective attack methods. We monitor the growth of IoT and its evolving threats. We dive deep into the latest crypto-mining campaigns. We analyze banking Trojan targets. We dissect exploits. We hunt for the latest malware. And then our team of experts share it all with you. For more than 20 years, F5 has been leading the app delivery space. With our experience, we are passionate about educating the security community-providing the intel you need to stay informed so your apps can stay safe.

Every

9 hrs

a critical vulnerability—with the potential for remote code execution—is released.

image/svg+xml

Subscribe and get threat intelligence updates from security leaders with decades of experience

Develop a richer understanding of your security environment with only one email per week.

Always have the latest security research and analysis at your fingertips.

Strategic insights from CISO-level experts give you deeper analysis than your peers who only rely on threat reports.

Subscribe and get threat intelligence updates from security leaders with decades of experience

Unsubscribe at any time. We will never use your email to sell to you or try to get you to use our product. You'll only receive security reports and analysis.